Actions

Securing Web Applications - Using Intercepting Proxies for Fun & Profit

-


Event
MinneBar 10 (11 April 2015)
Panel
This is not a panel.
Summary
None
URL
Topic
Schedule
2015-04-11 11:15


Room: Challenge


Presenters

[[Image:|120x120px|border|baseline|link=Douglas Frank]]
Douglas Frank
,
[[Image:|120x120px|border|baseline|link=Daniel Sandau]]
Daniel Sandau



In the age of web-based applications, ensuring client-server apps are configured securely is of paramount concern. With intercepting proxy tools you can easily understand how a web application works and start manually testing it. They allow its operator to act as a man-in-the-middle between a browser and the target application.

This session will briefly discuss when in the Secure Software Development Lifecycle 'dynamic analysis' security tools should be used and primarily teach how intercepting proxies can be used to improve security of these types of applications. The use of the 'Burp Suite Pro' intercepting proxy to identify security problems with web applications will be demonstrated.

blog comments powered by Disqus



MediaWiki spam blocked by CleanTalk.